RSASignatureMethodImpl.java
/*
* Decompiled with CFR 0_118.
*
* Could not load the following classes:
* com.adobe.granite.crypto.CryptoException
* com.adobe.granite.crypto.CryptoSupport
* org.apache.commons.codec.binary.Base64
* org.apache.oltu.commons.encodedtoken.TokenDecoder
* org.apache.oltu.jose.jws.signature.SignatureMethod
* org.apache.oltu.jose.jws.signature.SigningKey
* org.apache.oltu.jose.jws.signature.VerifyingKey
* org.slf4j.Logger
* org.slf4j.LoggerFactory
*/
package com.adobe.granite.oauth.jwt.impl;
import com.adobe.granite.crypto.CryptoException;
import com.adobe.granite.crypto.CryptoSupport;
import com.adobe.granite.oauth.jwt.impl.PrivateKey;
import com.adobe.granite.oauth.jwt.impl.PublicKey;
import java.nio.charset.Charset;
import org.apache.commons.codec.binary.Base64;
import org.apache.oltu.commons.encodedtoken.TokenDecoder;
import org.apache.oltu.jose.jws.signature.SignatureMethod;
import org.apache.oltu.jose.jws.signature.SigningKey;
import org.apache.oltu.jose.jws.signature.VerifyingKey;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/*
* This class specifies class file version 49.0 but uses Java 6 signatures. Assumed Java 6.
*/
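/**
 * RSA signature method for the JWS algorithm names {@code RS256}, {@code RS384} and
 * {@code RS512}. Signing and verification are delegated to {@link CryptoSupport}.
 *
 * <p>The signed text is always {@code header + "." + payload}. Any algorithm name other
 * than the three listed above is treated as unsupported: {@link #calculate} refuses to
 * sign and {@link #verify} reports the signature as invalid, so an unexpected name can
 * never reach the crypto layer as a {@code null} algorithm.
 */
public class RSASignatureMethodImpl
        implements SignatureMethod<PrivateKey, PublicKey> {

    /**
     * Charset for turning the signing input into bytes. Fixed explicitly so signer and
     * verifier hash the same bytes regardless of the JVM's platform default charset.
     */
    private static final Charset UTF_8 = Charset.forName("UTF-8");

    private final Logger logger = LoggerFactory.getLogger(RSASignatureMethodImpl.class);
    private final CryptoSupport cryptoSupport;
    private final String algorithm;

    /**
     * @param cryptoSupport service that performs the sign and verify operations
     * @param algorithm     JWS algorithm name; only RS256, RS384 and RS512 are mapped
     */
    public RSASignatureMethodImpl(CryptoSupport cryptoSupport, String algorithm) {
        this.cryptoSupport = cryptoSupport;
        this.algorithm = algorithm;
    }

    /**
     * Signs {@code header + "." + payload} with the given private key.
     *
     * @param header     first segment of the signing input
     * @param payload    second segment of the signing input
     * @param signingKey holder of the private key used for signing
     * @return the signature as encoded by {@code TokenDecoder.base64Encode}
     * @throws IllegalStateException if the configured algorithm is not RS256/RS384/RS512
     * @throws RuntimeException      if the crypto layer fails to produce a signature
     */
    public String calculate(String header, String payload, PrivateKey signingKey) {
        // NOTE(review): header and payload are written to the debug log in full. If they
        // carry token claims, enabling debug logging exposes them in log files — confirm
        // this is acceptable for the deployment.
        this.logger.debug("calculate signature for header {} and payload {}", header, payload);
        String jcaAlgorithm = this.getAlgorithmInternal();
        if (jcaAlgorithm == null) {
            // Refuse to sign instead of handing a null algorithm to the crypto layer.
            throw new IllegalStateException("unsupported signature algorithm: " + this.algorithm);
        }
        String stringToSign = header + "." + payload;
        byte[] signature;
        try {
            signature = this.cryptoSupport.sign(
                    stringToSign.getBytes(UTF_8), signingKey.getPrivateKey(), jcaAlgorithm);
        } catch (CryptoException e) {
            throw new RuntimeException("failed while calculating the signature", e);
        }
        return TokenDecoder.base64Encode(signature);
    }

    /**
     * Verifies {@code signedText} as a signature over {@code header + "." + payload}.
     *
     * <p>Fails closed: an unsupported algorithm, a missing or malformed signature, or any
     * {@link CryptoException} from the crypto layer yields {@code false}.
     *
     * @param signedText   base64url-encoded signature to check
     * @param header       first segment of the signed text
     * @param payload      second segment of the signed text
     * @param verifyingKey holder of the public key used for verification
     * @return {@code true} only if the crypto layer accepts the signature
     */
    public boolean verify(String signedText, String header, String payload, PublicKey verifyingKey) {
        // NOTE(review): same debug-log exposure of header and payload as in calculate().
        this.logger.debug("verify signature for header {} and payload {}", header, payload);
        String jcaAlgorithm = this.getAlgorithmInternal();
        if (jcaAlgorithm == null) {
            // An algorithm outside the allow-list must never validate a token.
            this.logger.warn("verify: unsupported signature algorithm {}", this.algorithm);
            return false;
        }
        String text = header + "." + payload;
        try {
            return this.cryptoSupport.verify(
                    text.getBytes(UTF_8),
                    RSASignatureMethodImpl.decode(signedText),
                    verifyingKey.getPublicKey(),
                    jcaAlgorithm);
        } catch (CryptoException e) {
            this.logger.warn("verify: failed while validating the signature", e);
            return false;
        }
    }

    /**
     * @return the JWS algorithm name this instance was constructed with
     */
    public String getAlgorithm() {
        return this.algorithm;
    }

    /**
     * Maps the JWS algorithm name to the corresponding signature algorithm name.
     *
     * @return the mapped name, or {@code null} when the configured name is not one of
     *         RS256, RS384 or RS512; callers must treat {@code null} as "unsupported"
     */
    private String getAlgorithmInternal() {
        if ("RS256".equals(this.algorithm)) {
            return "SHA256withRSA";
        }
        if ("RS384".equals(this.algorithm)) {
            return "SHA384withRSA";
        }
        if ("RS512".equals(this.algorithm)) {
            return "SHA512withRSA";
        }
        return null;
    }

    /**
     * Decodes a base64url string, restoring the padding that the URL-safe form omits.
     *
     * @param base64encoded base64url text, with or without trailing {@code =} padding
     * @return the decoded bytes
     * @throws CryptoException if the input is {@code null} or its length cannot belong
     *                         to a base64 string (length % 4 == 1)
     */
    private static byte[] decode(String base64encoded) throws CryptoException {
        if (base64encoded == null) {
            // Surface a missing signature as a CryptoException so verify() returns false
            // instead of failing with a NullPointerException.
            throw new CryptoException("Missing base64url string!");
        }
        // Translate the URL-safe alphabet back to the standard one.
        String s = base64encoded.replace('-', '+').replace('_', '/');
        switch (s.length() % 4) {
            case 0:
                break;
            case 2:
                s = s + "==";
                break;
            case 3:
                s = s + "=";
                break;
            default:
                throw new CryptoException("Illegal base64url string!");
        }
        // NOTE(review): depending on the commons-codec version, Base64.decode may skip
        // characters outside the alphabet rather than reject them, so a malformed
        // signature can still decode to some bytes; rejecting those bytes is then left
        // to CryptoSupport.verify — confirm.
        byte[] noLineSeparator = new byte[]{};
        Base64 base64 = new Base64(-1, noLineSeparator, true);
        return base64.decode(s);
    }
}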